14 DAY TRIAL // Microsoft has just released this month’s Patch Tuesday updates to fix vulnerabilities in its software, including Windows, Office, Silverlight, and others.
The company has shipped a total of 12 security patches, but the number could vary depending on the software currently running on your PC. There are 8 critical security fixes, and some of them are also aimed at Windows 10 computers, so if you’re already running this OS version, make sure you install these patches as soon as possible.
Below are the critical security updates and the affected software:
| Patch | Affected software |
|---|---|
| Cumulative Security Update for Internet Explorer (3116180) | Microsoft Windows, Internet Explorer |
| Cumulative Security Update for Microsoft Edge (3116184) | Microsoft Windows, Microsoft Edge |
| Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3116178) | Microsoft Windows |
| Security Update for Microsoft Windows DNS to Address Remote Code Execution (3100465) | Microsoft Windows |
| Security Update for Microsoft Graphics Component to Address Remote Code Execution (3104503) | Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Skype for Business, Microsoft Lync, Silverlight |
| Security Update for Silverlight to Address Remote Code Execution (3106614) | Microsoft Silverlight |
| Security Update for Microsoft Uniscribe to Address Remote Code Execution (3108670) | Microsoft Windows |
| Security Update for Microsoft Office to Address Remote Code Execution (3116111) | Microsoft Office |
Browsers under attack
This month, browsers seem to be of particular concerned for Microsoft, as both Internet Explorer and Edge have received critical security patches.
Wolfgang Kandek, CTO of Qualys, has warned that IT admins should prioritize the deployment of these patches in order to make sure that their PCs aren’t exploited once users launch a compromised website hosting malicious content to take advantage of these flaws.
“Browsers are often used in current attack scenarios, such as drive-by downloads or spear phishing. You need to keep them as up-to-date as possible. MS15-124 for Internet Explorer (IE), MS15-125 for Edge and MS15-126 for the JavaScript libraries in Vista and Windows Server 2008 address 30 issues, many of them critical leading to remote code election (RCE). Edge has ‘only’ 15 issues, with 11 duplicates from IE and four issues native to Edge itself,” he says.
As usual, all these patches are released via Windows Update, so make sure you deploy all of them as soon as possible to stay secure.